Every day, attackers exploit IP spoofing for their criminal operations. Despite being a known vulnerability for at least 25 years, IP source address spoofing still remains a popular attack method for redirection, amplification, and anonymity attacks. This situation persists partially because of the lack of visibility into which operators lack adequate anti-spoofing measures -- that is, their networks are not compliant with BCP38 and related norms.
In the effort to help increase the adoption of anti-spoofing measures, researchers from TU Delft and CAIDA have been conducting measurements on which networks are compliant. We would like to engage the network operator community to reach out to non-compliant operators and instigate remediating actions. We have created an overview of our findings on networks in the United Kingdom. You can see them on our website: https://www.infospoofing.com/uk/ID=67 The good news is: over 80% of all operators have measures in place against IP spoofing! We would like to ask your help to get the remaining 17% on board. Feel free to share the link to our website or otherwise help mobilize the non-compliant operators. At our site, you can also find more information about anti-spoofing best practices as articulated by the MANRS initiative. Help us to make the United Kingdom a spoofing-free country! Best regards, Orcun Cetin, Luigi Tuttobene, Carlos Gañán, Michel van Eeten Researcher at Delft University of Technology --- Faculteit Techniek, Bestuur en Management TU Delft Postbus 5015, 2600GA Delft +31 (0)15 27 88784
